port 110 very slow

Hi I hope you can shed some light on this.

I installed a firewall/gateway on an AMD 1.1gHz PC with 256M RAM, 20G HDD
RTL8139 (rtl8139too driver) as eth1 internet facing and 3Com 3C59x eth0 lan
facing.

The OS is Mandrake 8.2 being the only distro that would actually boot. The
firewall is iptables configured as follows:
--------------------------------------------------------
#### NAT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth1 -j SNAT --to-source 203.xxx.yyy.zzz
# alpha for privacy for this post
COMMIT
#### MANGLE
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
#### FILTER
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
--------------------------------------------------------

Now port 80 (http) works fine so does port 25. The trouble is with port 110
not receiving emails at proper speeds, 'tis very slow. Eth1 connects to a
Motorola Surfboard cable modem. Here is chkconfig --list

--------------------------------------------------------
alsa 0:off 1:off 2:off 3:off 4:off 5:off 6:off
kheader 0:off 1:off 2:on 3:on 4:off 5:on 6:off
keytable 0:off 1:off 2:on 3:on 4:on 5:on 6:off
usb 0:off 1:off 2:on 3:on 4:on 5:on 6:off
netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
partmon 0:off 1:off 2:off 3:off 4:off 5:off 6:off
random 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rawdevices 0:off 1:off 2:off 3:on 4:on 5:on 6:off
sound 0:off 1:off 2:off 3:off 4:off 5:off 6:off
harddrake 0:off 1:off 2:off 3:on 4:on 5:on 6:off
syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
xfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off
portmap 0:off 1:off 2:off 3:on 4:on 5:on 6:off
kudzu 0:off 1:off 2:off 3:off 4:off 5:off 6:off
anacron 0:off 1:off 2:off 3:off 4:off 5:off 6:off
atd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
devfsd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
gpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off
internet 0:off 1:off 2:on 3:on 4:on 5:on 6:off
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
nfslock 0:off 1:off 2:off 3:off 4:off 5:off 6:off
numlock 0:off 1:off 2:off 3:off 4:off 5:off 6:off
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
smb 0:off 1:off 2:off 3:off 4:off 5:off 6:off
squid 0:off 1:off 2:off 3:on 4:on 5:on 6:off
nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off
dhcpd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
--------------------------------------------------------

What I'm wondering is why the performance is so abysmal. Here is the output
from /var/log/daemons/errors:

--------------------------------------------------------
Sep 11 09:48:17 gwfw dhcpd: receive_packet failed on eth0: Network is down
--------------------------------------------------------

But the network is not down at all!!! Here is the output from ifconfig:

--------------------------------------------------------
eth0 Link encap:Ethernet HWaddr 00:50:DA:22:C5:E4
inet addr:192.168.10.1 Bcast:192.168.10.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:98904 errors:21 dropped:14 overruns:7 frame:1
TX packets:61454 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:25291862 (24.1 Mb) TX bytes:27603675 (26.3 Mb)
Interrupt:10 Base address:0xe800

eth1 Link encap:Ethernet HWaddr 00:E0:4C:0A:D4:29
inet addr:203.xx.yyy.zzz Bcast:203.97.253.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:44471803 errors:1 dropped:0 overruns:0 frame:0
TX packets:151730 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2725370421 (2599.1 Mb) TX bytes:53823034 (51.3 Mb)
Interrupt:11 Base address:0xef00

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8851 errors:0 dropped:0 overruns:0 frame:0
TX packets:8851 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:670508 (654.7 Kb) TX bytes:670508 (654.7 Kb)
--------------------------------------------------------

You can see on the lan side (eth0) there are a lot of RX packet errors. The
Linux firewall on eth0 is processing netbios broadcasts from the two
Windows boxes it's attached to which may account for the errors but I can't
imagine that small number affecting overall performance on port 110.

What on earth else should I be looking at to troubleshoot this problem?

Thanks for your indulgence.
:-) Peter
.

Relevant Pages

  • Re: mount.cifs "mount error 20 = Not a directory"
    ... /ath0 was assigned to internal zone, so the firewall "shold" not have ... situations) is "ath0" (Its the wireless network adapter of an intel ... UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 ... Windows, particularly Windows 98. ...
    (alt.os.linux.suse)
  • Problems with DNS lookup
    ... My problem is that the laptop can not access the internet via the Debian ... Firewall LAN exiting on the Netgear segment. ... Debian Firewall eth0 ... The firewall itself can access all hosts on the 192.168.1.0/24 network via ...
    (Debian-User)
  • Making a router from a Linux machine
    ... I have a Debian Linux on one machine which has 2 Ethernet cards. ... to make this machine to be my firewall. ... "network" of 1 computer. ... Shortly, I need no masquerading, but I need to translate all eth0 ...
    (comp.os.linux.networking)
  • Networking/Firewall design
    ... Windows 98 Box eth0 192.168.5.4 ... As you can see all my boxes are on the same network 192.168.5.0 ... But I do not have Firewalls or IDS even if the router can do some NAT ... where do I put the firewall and for example Snort? ...
    (comp.os.linux.security)
  • eth0 -> ppp0 tcp starvation
    ... > do you use to connect ppp0? ... I'm assuming you're using a firewall, ... from eth0. ... I do not think pppd cares about who its client is (my ...
    (comp.security.firewalls)